Another DNS delegation question - potentially SOA related

Hi,

I’m trying to track down an issue I’m having with getting DNS delegation to Azure DNS for a subdomain working.

Background:

  • I had a number of domains delegated from the porkbun registrar to deSEC for a few years.
  • I’ve been managing a split DNS configuration to allow for the use of Let’s Encrypt certificates using the acme.sh and certbot ACME tools - this works quite well.
  • Unfortunately the lack of a working (I’ve given up getting both versions referred to in this forum) cert-manager webhook for deSEC has resulted in me exploring other DNS providers for this functionality.
  • The Azure webhook just worked - first go, minimal configuration (TXT records being created correctly). What isn’t working is the delegation of a subdomain from deSEC to Azure DNS.

I’ve tried 2 methods:

  • create NS records for the subname, and
  • create the subdomain as a new zone, create NS records within the parent zone (that point back to the deSEC nameservers) and then add the NS records for Azure to the new subdomain zone (<- this is how I currently have it configured, complete with DS record).

And neither option seems to be delegating all DNS queries to the subdomain configured nameservers.

Azure doesn’t support DS records (it’s experimental, and doesn’t seem to be active for my subscription) or DNSSEC.

Am I missing something?

Hi waxling,

This is the correct approach (not creating the subdomain as a separate domain).

If you don’t see the expected result, you’ll have to provide the domain name in question so we can investigate.

Stay secure,
Peter

1 Like
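
Added example, not from either poster or from deSEC: a Python check that classifies a delegation from the records each side serves, in the text format printed by `dig +noall +answer +authority`. The zone `sub.example.com`, the `.example` nameserver names and the DS digest are constructed placeholders; reporting a DS at the parent with an unsigned child as bogus follows from DNSSEC validation rules, not from anything diagnosed in this thread.

```python
from collections import defaultdict

# Constructed sample data: zone name, nameserver names and DS digest are placeholders.
PARENT_NS_ONLY = """\
sub.example.com. 3600 IN NS ns1.azure.example.
sub.example.com. 3600 IN NS ns2.azure.example.
"""
PARENT_WITH_DS = PARENT_NS_ONLY + "sub.example.com. 3600 IN DS 12345 13 2 " + "ab" * 32 + "\n"
CHILD_UNSIGNED = """\
sub.example.com. 172800 IN NS ns1.azure.example.
sub.example.com. 172800 IN NS ns2.azure.example.
"""

def parse_records(text):
    """Group zone-file style lines (name ttl class type rdata) into RRsets."""
    rrsets = defaultdict(set)
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop dig comments and blank lines
        if not line:
            continue
        name, _ttl, _cls, rtype, rdata = line.split(None, 4)
        rrsets[(name.lower().rstrip("."), rtype.upper())].add(rdata.lower().rstrip("."))
    return rrsets

def classify_delegation(subname, parent_text, child_text):
    """parent_text: records the parent zone's servers hold at subname (NS, DS).
    child_text: records the delegated servers return at the zone apex (NS, DNSKEY)."""
    sub = subname.lower().rstrip(".")
    parent, child = parse_records(parent_text), parse_records(child_text)
    parent_ns = parent.get((sub, "NS"), set())
    if not parent_ns:
        return ["not-delegated"]          # parent answers for the name itself
    has_ds = bool(parent.get((sub, "DS")))
    has_dnskey = bool(child.get((sub, "DNSKEY")))
    if has_ds and not has_dnskey:
        findings = ["bogus"]              # DS promises a signed child; validators SERVFAIL
    elif has_ds:
        findings = ["signed"]             # DS/DNSKEY match is not verified here
    else:
        findings = ["insecure"]           # NS without DS: valid for an unsigned child
    if child.get((sub, "NS"), set()) != parent_ns:
        findings.append("ns-mismatch")    # parent and child disagree on the NS set
    return findings

if __name__ == "__main__":
    print(classify_delegation("sub.example.com", PARENT_NS_ONLY, CHILD_UNSIGNED))
    print(classify_delegation("sub.example.com", PARENT_WITH_DS, CHILD_UNSIGNED))
```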